
There may be cases where you want to use one endpoint for both protected
and unprotected data. In these situations, you can use the
jwt_optional() decorator. This allows the endpoint
to be accessed whether or not a JWT is sent with the request. If a JWT
that is expired or badly constructed is sent with the request, an error is
returned instead of calling the endpoint as if no token were
present in the request. Inside the endpoint, get_jwt_identity() returns None
when no token was sent, so the view itself must decide what an anonymous
caller is allowed to see.

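from flask import Flask, jsonify, request
from flask_jwt_extended import (
    JWTManager, jwt_optional, create_access_token, get_jwt_identity
)

app = Flask(__name__)

# Setup the Flask-JWT-Extended extension.
# The signing key is hard-coded only to keep the example short. Anyone who
# knows this value can mint tokens the application will accept, so a real
# deployment must load a long random secret from configuration outside the
# source tree.
app.config['JWT_SECRET_KEY'] = 'super-secret'  # Change this!
jwt = JWTManager(app)


@app.route('/login', methods=['POST'])
def login():
    """Issue an access token for the demo account.

    Expects a JSON object with ``username`` and ``password``. Responds 400
    when the body is not a JSON object or a field is missing, 401 when the
    credentials do not match, and 200 with ``access_token`` otherwise.
    """
    # silent=True returns None for a missing or malformed JSON body, so a
    # bad request gets a 400 here; request.json.get(...) would fail on it.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        return jsonify({"msg": "Missing JSON in request"}), 400

    username = payload.get('username', None)
    password = payload.get('password', None)
    if not username:
        return jsonify({"msg": "Missing username parameter"}), 400
    if not password:
        return jsonify({"msg": "Missing password parameter"}), 400

    # Placeholder credential check for the example only; a real application
    # verifies the password against a stored hash.
    if username != 'test' or password != 'test':
        return jsonify({"msg": "Bad username or password"}), 401

    access_token = create_access_token(identity=username)
    return jsonify(access_token=access_token), 200


# NOTE: Flask-JWT-Extended 4.x replaced this decorator with
# @jwt_required(optional=True); the example targets the older API.
@app.route('/partially-protected', methods=['GET'])
@jwt_optional
def partially_protected():
    """Answer both authenticated and anonymous callers.

    An expired or malformed token is rejected by the decorator before this
    body runs, so the only cases seen here are a valid token or no token.
    """
    # If no JWT is sent in with the request, get_jwt_identity()
    # will return None. Treat that as unauthenticated and return only
    # data that is safe to show to anyone.
    current_user = get_jwt_identity()
    if current_user:
        return jsonify(logged_in_as=current_user), 200
    # Same key as the authenticated branch (the original misspelled it as
    # "loggeed_in_as"), so clients can read one field in both cases.
    return jsonify(logged_in_as='anonymous user'), 200


if __name__ == '__main__':
    app.run()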